title: Status Update October 2021
date: 2021-11-01 03:50
tags: emacs
summary: October's Progress
---

The main thing that I have been working on this month is an
`opensmtpd-service` that uses `(guix records)`. The code is [here](https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd-records.scm).
It has been a real pleasure creating the various records to turn this:

    (service opensmtpd-service-type
             (opensmtpd-configuration
              (queue
               (opensmtpd-queue-configuration
                (compression #t)))
              (smtp
               (opensmtpd-smtp-configuration
                (max-message-size "10M")))
              (srs
               (opensmtpd-srs-configuration
                (ttl-delay "5d")))
              (pkis (list
                     (opensmtpd-pki
                      (domain "smtpd.gnucode.me")
                      (cert "/etc/letsencrypt/live/gnucode.me/fullchain.pem")
                      (key "/etc/letsencrypt/live/gnucode.me/privkey.pem"))))
              (tables (list
                       (opensmtpd-table
                        (name "aliases")
                        (values
                         (list
                          (cons "webmaster" "root")
                          (cons "postmaster" "root")
                          (cons "abuse" "root"))))
                       (opensmtpd-table
                        (name "creds")
                        (values
                         (list
                          (cons "joshua"
                                "$6$Ec4m8FgKjT2F/03Y$k66ABdse9TzCX6qaALB3WBL9GC1rmAWJmaoSjFMpbhzat7DOpFqpnOwpbZ34wwsQYIK8RQlqwM1I/v6vsRq86."))))
                       (opensmtpd-table
                        (name "vdoms")
                        (values (list "gnucode.me"
                                      "gnu-hurd.com")))
                       (opensmtpd-table
                        (name "vusers")
                        (values (list (cons "joshua@gnucode.me" "joshua")
                                      (cons "jbranso@gnucode.me" "joshua")
                                      (cons "postmaster@gnucode.me" "joshua"))))))
              (listen-ons
               (list
                ;; this forum help suggests that I listen on 0.0.0.0 and NOT eth0
                ;; https://serverfault.com/questions/726795/opensmtpd-wont-work-at-reboot
                ;; this listens for email from the outside world
                (opensmtpd-listen-on
                 (interface "eth0")
                 (port 25)
                 (secure-connection "tls")
                 (pki "smtp.gnucode.me"))
                ;; this lets local users logged into the system via ssh send email
                (opensmtpd-listen-on
                 (interface "lo")
                 (port 25)
                 (secure-connection "tls")
                 (pki "smtp.gnucode.me"))
                (opensmtpd-listen-on
                 (interface "eth0")
                 (port 465)
                 (secure-connection "smtps")
                 (pki "smtp.gnucode.me")
                 (auth "<creds>"))
                (opensmtpd-listen-on
                 (interface "eth0")
                 (port 587)
                 (secure-connection "tls-require")
                 (pki "smtp.gnucode.me")
                 (auth "<creds>"))))
              (actions
               (list
                (opensmtpd-action
                 (name "receive")
                 (method
                  (opensmtpd-local-delivery-configuration
                   (method (opensmtpd-maildir-configuration
                            (pathname "/home/%{rcpt.user}/Maildir")
                            (junk #t)))
                   (virtual "vusers"))))
                (opensmtpd-action
                 (name "send")
                 (method (opensmtpd-relay-configuration)))))
              (matches (list
                        (opensmtpd-match
                         (name "send")
                         (for "for any")
                         (from "from any")
                         (auth "auth"))
                        (opensmtpd-match
                         (name "receive")
                         (from "from any")
                         (for "for domain <vdoms>"))
                        (opensmtpd-match
                         (name "receive")
                         (for "for local"))))
              (filter-chains
               (list
                (opensmtpd-filter-chain
                 (name "dropDumbEmails")
                 (filter-names (list "nofcrdnsDisconnect"
                                     "nordnsDisconnect")))))
              (filter-phases
               (list (opensmtpd-filter-phase
                      (name "nofcrdnsDisconnect")
                      (phase-name "connect")
                      (conditions (list "!fcrdns"))
                      (decision "disconnect")
                      (message "You have not set up forward confirmed DNS."))
                     (opensmtpd-filter-phase
                      (name "nordnsDisconnect")
                      (phase-name "connect")
                      (conditions (list "!rdns"))
                      (decision "reject")
                      (message "You have not set up reverse DNS."))))))

into this:

    smtp max-message-size 10M


    srs ttl 5d


    queue compression

    table aliases { "webmaster" = "root", "postmaster" = "root", "abuse" = "root" }
    table creds { "joshua" = "$6$Ec4m8FgKjT2F/03Y$k66ABdse9TzCX6qaALB3WBL9GC1rmAWJmaoSjFMpbhzat7DOpFqpnOwpbZ34wwsQYIK8RQlqwM1I/v6vsRq86." }
    table vdoms { "gnucode.me", "gnu-hurd.com" }
    table vusers { "joshua@gnucode.me" = "joshua", "jbranso@gnucode.me" = "joshua", "postmaster@gnucode.me" = "joshua" }

    pki smtpd.gnucode.me cert "/etc/letsencrypt/live/gnucode.me/fullchain.pem"
    pki smtpd.gnucode.me key "/etc/letsencrypt/live/gnucode.me/privkey.pem"

    filter "nofcrdnsDisconnect" phase connect match !fcrdns disconnect "You have not set up forward confirmed DNS."
    filter "nordnsDisconnect" phase connect match !rdns reject "You have not set up reverse DNS."

    filter "dropDumbEmails" chain {nofcrdnsDisconnect, nordnsDisconnect}

    listen on eth0 tls port 25 pki smtp.gnucode.me
    listen on lo tls port 25 pki smtp.gnucode.me
    listen on eth0 smtps port 465 pki smtp.gnucode.me auth <<creds>>
    listen on eth0 tls-require port 587 pki smtp.gnucode.me auth <<creds>>

    action "receive" maildir "/home/%{rcpt.user}/Maildir" junk
    action "send" relay

    match from any for any auth tls action "send"
    match from any for domain <vdoms> tls action "receive"
    match for local tls action "receive"
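
The output above declares its pki as `smtpd.gnucode.me` while every `listen on` line refers to `smtp.gnucode.me`, and the `auth` listeners come out as `<<creds>>`. As an added example (not part of the original post or the linked Guix code), here is a small Python check that catches dangling references like these in a generated smtpd.conf; the `lint` function and the shortened sample are constructed here.

```python
import re

# Constructed sample: a shortened copy of the generated smtpd.conf shown above,
# with the password hash replaced by a placeholder.
SAMPLE = """\
table creds { "joshua" = "HASH-PLACEHOLDER" }
table vdoms { "gnucode.me", "gnu-hurd.com" }
pki smtpd.gnucode.me cert "/etc/letsencrypt/live/gnucode.me/fullchain.pem"
pki smtpd.gnucode.me key "/etc/letsencrypt/live/gnucode.me/privkey.pem"
listen on eth0 tls port 25 pki smtp.gnucode.me
listen on eth0 tls-require port 587 pki smtp.gnucode.me auth <<creds>>
match from any for domain <vdoms> tls action "receive"
"""

def lint(conf):
    """Return (line_number, message) findings for dangling pki/table references."""
    pkis, tables, findings = {}, set(), []
    lines = list(enumerate(conf.splitlines(), 1))
    # Pass 1: collect every declared pki (with its cert/key parts) and table.
    for _, line in lines:
        tok = line.split()
        if len(tok) >= 4 and tok[0] == "pki" and tok[2] in ("cert", "key"):
            pkis.setdefault(tok[1], set()).add(tok[2])
        elif len(tok) >= 2 and tok[0] == "table":
            tables.add(tok[1])
    # Pass 2: check what listen/match/action lines refer to.
    for n, line in lines:
        tok = line.split()
        if not tok or tok[0] not in ("listen", "match", "action"):
            continue
        if tok[0] == "listen" and "pki" in tok[:-1]:
            name = tok[tok.index("pki") + 1]
            parts = pkis.get(name)
            if parts is None:
                findings.append((n, f"pki {name!r} is not declared"))
            elif parts != {"cert", "key"}:
                findings.append((n, f"pki {name!r} lacks a cert or key"))
        # Table references must look like <name>; anything else is malformed.
        for ref in re.findall(r"<+[^<>\s]*>+", line):
            name = ref.strip("<>")
            if ref != f"<{name}>":
                findings.append((n, f"malformed table reference {ref!r}"))
            elif name not in tables:
                findings.append((n, f"table {name!r} is not declared"))
    return findings

if __name__ == "__main__":
    for n, msg in lint(SAMPLE):
        print(f"line {n}: {msg}")
```

Running a check like this over the rendered file before the service restarts keeps a listener from silently depending on a certificate or credentials table that the records never emitted.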

Looking at it now, one might almost prefer just to use the opensmtpd
configuration syntax.  Still, it is nice to be able to use a schemey
syntax and translate it into something that opensmtpd can parse.
Perhaps someone could configure a webserver via something
like this:

    (service email-service-type
             (email-service-configuration
              (domains (list "gnucode.me"
                             "gnu-hurd.com"))
              (use-letsencrypt-certs #t)))

Perhaps the above would set up a DNS server at smtp.domain.name and
serve the emails via dovecot.  Though that would be a task for someone else.

Future work for my opensmtpd-service via `(guix records)` includes
figuring out how to let `opensmtpd-filter-proc-exec` accept a
list of strings and gexps.  I currently could use my opensmtpd-service
for my linode server via the `includes` directive, but I'd rather use
the `opensmtpd-filter-proc-exec`.  My current opensmtpd configuration
can be found
[here](https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd.scm).
If you can think of any way that I can improve the code, please reach
out: jbranso AT dismail DOT de.

## I made a cookbook submission about auto logging into tty3

<http://issues.guix.gnu.org/48974#13>

This was a while ago, but I did write an entry in the cookbook about
how to autologin to a specific tty.  So if you want to learn how to
auto login to sway via guix system, this is part of that solution.


## I am now hosting an xmpp account on gnucode.me.

My jmp.chat account delivers SMS text messages to my XMPP account at
via dismail.de.  Perhaps one day soon, I'll be able to host my own
chats via gnucode.me.  That would be pretty awesome!

## Guix's official libreboot cookbook guide

I also need to finish Raghav's [libreboot
cookbook](http://issues.guix.gnu.org/49654#1) guide for inclusion in
the guix cookbook.
